CVE-2005-3257

Severity

46%

Complexity

39%

Confidentiality

106%

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Linux Kernel

First reported 19 years ago

2005-10-18 22:02:00

Last updated 6 years ago

2018-10-03 21:31:00

Affected Software

Linux Kernel 2.6.12

2.6.12

Linux Kernel 2.6.14.4

2.6.14.4

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334113

Exploit, Vendor Advisory

RHBA-2007-0304

17226

Vendor Advisory

17826

Vendor Advisory

17995

Vendor Advisory

18203

Vendor Advisory

19185

Vendor Advisory

19369

Vendor Advisory

19374

Vendor Advisory

DSA-1017

DSA-1018

MDKSA-2005:218

MDKSA-2005:219

MDKSA-2005:220

MDKSA-2005:235

15122

oval:org.mitre.oval:def:10615

USN-231-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.